0x1a.pcap

MD5: d7387a3f6de74a9b59092fa820ad61ed
Submission Date: 2020-05-22 19:34:01
Tags: (not set)
Alert 19
Showing 1-19 of 19 items.
# | Timestamp | Src Ip | Dest Ip | Alert Signature | P
1 | 2011-01-25T10:53:48.017406-0800 | 172.16.255.1 | 204.9.163.158 | ET CHAT Skype User-Agent detected | *
2 | 2011-01-25T10:53:55.256951-0800 | 172.16.255.1 | 204.9.163.158 | ET CHAT Skype User-Agent detected | *
3 | 2011-01-25T10:53:56.736049-0800 | 172.16.255.1 | 204.9.163.158 | ET CHAT Skype User-Agent detected | *
4 | 2011-01-25T10:54:09.041399-0800 | 172.16.255.1 | 204.9.163.158 | ET CHAT Skype VOIP Checking Version (Startup) | *
5 | 2011-01-25T10:54:09.041399-0800 | 172.16.255.1 | 204.9.163.158 | ET CHAT Skype User-Agent detected | *
6 | 2011-01-25T10:54:18.740934-0800 | 172.16.255.1 | 128.241.90.211 | ET CHAT Skype User-Agent detected | *
7 | 2011-01-25T10:53:56.550320-0800 | 172.16.255.1 | 204.9.163.158 | ET CHAT Skype User-Agent detected | *
8 | 2011-01-25T10:54:00.682451-0800 | 172.16.255.1 | 204.9.163.158 | ET CHAT Skype User-Agent detected | *
9 | 2011-01-25T10:54:16.117913-0800 | 65.54.186.19 | 10.0.2.15 | ET POLICY SSLv3 outbound connection from client vulnerable to POODLE attack | *
10 | 2011-01-25T10:54:24.889698-0800 | 207.46.113.78 | 10.0.2.15 | ET POLICY SSLv3 outbound connection from client vulnerable to POODLE attack | *
11 | 2011-01-25T10:54:18.736690-0800 | 172.16.255.1 | 128.241.90.211 | ET CHAT Skype User-Agent detected | *
12 | 2011-01-25T10:54:18.742624-0800 | 172.16.255.1 | 128.241.90.211 | ET CHAT Skype User-Agent detected | *
13 | 2011-01-25T10:54:37.330025-0800 | 10.0.2.15 | 64.4.35.57 | GPL CHAT MSN user search | *
14 | 2011-01-25T10:54:37.330648-0800 | 10.0.2.15 | 64.4.35.57 | GPL CHAT MSN user search | *
15 | 2011-01-25T10:54:53.956611-0800 | 172.16.255.1 | 128.241.90.211 | ET CHAT Skype User-Agent detected | *
16 | 2011-01-25T10:54:53.956650-0800 | 172.16.255.1 | 128.241.90.211 | ET CHAT Skype User-Agent detected | *
17 | 2011-01-25T10:54:53.956585-0800 | 172.16.255.1 | 128.241.90.211 | ET CHAT Skype User-Agent detected | *
18 | 2011-01-25T10:55:50.745970-0800 | 192.168.3.131 | 192.168.3.255 | ET POLICY Dropbox Client Broadcasting | *
19 | 2011-01-25T10:57:08.256589-0800 | 172.16.255.1 | 204.9.163.158 | ET CHAT Skype User-Agent detected | *
DNS 542
Showing 1-20 of 542 items.
# | Timestamp | Src Ip | Dest Ip | Dns Type | Resource Record Name | Resource Record Type | Resource Data
TLS 57
Showing 1-20 of 57 items.
# | Timestamp | Source IP | Destination IP | TLS Version | Server Name Indication
1 | 2011-01-25T10:52:22.968559-0800 | 192.168.3.131 | 72.14.213.147 | TLSv1 | www.google.com
2 | 2011-01-25T10:52:42.316152-0800 | 192.168.3.131 | 72.14.213.102 | TLSv1 | calendar.google.com
3 | 2011-01-25T10:52:42.349520-0800 | 192.168.3.131 | 72.14.213.102 | TLSv1 | calendar.google.com
4 | 2011-01-25T10:52:42.264672-0800 | 192.168.3.131 | 72.14.213.102 | TLSv1 | calendar.google.com
5 | 2011-01-25T10:52:42.267777-0800 | 192.168.3.131 | 72.14.213.102 | TLSv1 | calendar.google.com
6 | 2011-01-25T10:52:42.268539-0800 | 192.168.3.131 | 72.14.213.102 | TLSv1 | calendar.google.com
7 | 2011-01-25T10:52:42.264651-0800 | 192.168.3.131 | 72.14.213.102 | TLSv1 | calendar.google.com
8 | 2011-01-25T10:52:42.265460-0800 | 192.168.3.131 | 72.14.213.102 | TLSv1 | calendar.google.com
9 | 2011-01-25T10:52:42.266988-0800 | 192.168.3.131 | 72.14.213.102 | TLSv1 | calendar.google.com
10 | 2011-01-25T10:54:15.372417-0800 | 172.16.255.1 | 204.9.163.181 | TLSv1 | channel.skype.com
11 | 2011-01-25T10:54:18.427476-0800 | 172.16.255.1 | 66.235.143.184 | TLSv1 | smetrics.skype.com
12 | 2011-01-25T10:54:14.352845-0800 | 172.16.255.1 | 204.9.163.181 | TLSv1 | channel.skype.com
13 | 2011-01-25T10:54:15.370503-0800 | 172.16.255.1 | 204.9.163.181 | TLSv1 | channel.skype.com
14 | 2011-01-25T10:54:15.379317-0800 | 172.16.255.1 | 204.9.163.181 | TLSv1 | channel.skype.com
15 | 2011-01-25T10:54:16.181047-0800 | 10.0.2.15 | 65.54.186.19 | SSLv3 | (not set)
16 | 2011-01-25T10:54:13.079184-0800 | 192.168.3.131 | 72.14.213.132 | TLSv1 | ode25pfjgmvpquh3b1oqo31ti5ibg5fr-a-calendar-opensocial.googleusercontent.com
17 | 2011-01-25T10:54:13.192909-0800 | 192.168.3.131 | 72.14.213.132 | TLSv1 | www-calendar-opensocial.googleusercontent.com
18 | 2011-01-25T10:54:24.955329-0800 | 10.0.2.15 | 207.46.113.78 | SSLv3 | (not set)
19 | 2011-01-25T10:54:17.516472-0800 | 172.16.255.1 | 184.85.226.161 | TLSv1 | apps.skype.com
20 | 2011-01-25T10:54:17.720842-0800 | 172.16.255.1 | 184.85.226.161 | TLSv1 | apps.skype.com
TFTP 0
# | Timestamp | Src Ip | Dest Ip | Tftp Packet | Tftp File | Tftp Mode
No results found.
HTTP 557
Showing 1-20 of 557 items.
# | Timestamp | Source | Hostname | Port | Method | URL | Status
1 | 2011-01-25T10:52:23.466591-0800 | 192.168.3.131 | msn.ca | 80 | GET | / | 301
2 | 2011-01-25T10:52:23.881989-0800 | 192.168.3.131 | col.stb.s-msn.com | 80 | GET | /i/94/9BE085B9BAD824CEB7C33F498354B.jpg | 200
3 | 2011-01-25T10:52:23.428743-0800 | 192.168.3.131 | ca.msn.com | 80 | GET | / | 200
4 | 2011-01-25T10:52:23.490168-0800 | 192.168.3.131 | view.atdmt.com | 80 | GET | /action/MMN_Homepage | 200
5 | 2011-01-25T10:52:23.761593-0800 | 192.168.3.131 | rad.msn.com | 80 | GET | /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=CAE9TX&AP=1389 | 200
6 | 2011-01-25T10:52:23.874614-0800 | 192.168.3.131 | c.msn.com | 80 | GET | /c.gif?di=210&pi=11654&ps=10274&tp=http://ca.msn.com/ca.msn.com/default.aspxW&rf= | 200
7 | 2011-01-25T10:52:23.881606-0800 | 192.168.3.131 | b.scorecardresearch.com | 80 | GET | /r?c2=3000001&d.c=gif&d.o=msnportalhomepagecaen&d.x=184063711&d.t=page&d.u=http%3A%2F%2Fca.msn.com%2F | 200
8 | 2011-01-25T10:52:25.187810-0800 | 192.168.3.131 | col.stc.s-msn.com | 80 | GET | /br/hp/11/i/en_ie8-tickler.jpg | 200
9 | 2011-01-25T10:52:23.890590-0800 | 192.168.3.131 | beacon.scorecardresearch.com | 80 | GET | /scripts/beacon.dll?c1=2&c2=2128&c3=&c4=&c5=&c6=&c7=http%3A//ca.msn.com/&c8=MSN%20Canada%20-%20The%20home%20of%20world-class%20services%20such%20as%20Hotmail%2C%20Windows%20Live%20Messenger%2C%20and%20News%2C%20Sports%2C%20Financial%20and%20Entertainment&c9=&c10=1680x1050&rn=1295981543432 | 200
10 | 2011-01-25T10:52:24.330674-0800 | 192.168.3.131 | altfarm.mediaplex.com | 80 | GET | /ad/js/12308-120034-30721-0?mpt=[1627390274ER]&mpvc= | 302
11 | 2011-01-25T10:52:25.131007-0800 | 192.168.3.131 | col.stb.s-msn.com | 80 | GET | /i/D6/8E763C825DC0E388929AE1B375CE18.JPG | (not set)
12 | 2011-01-25T10:52:43.912586-0800 | 192.168.3.131 | vancouver.en.craigslist.ca | 80 | GET | / | 200
13 | 2011-01-25T10:52:23.762574-0800 | 192.168.3.131 | msnportal.112.2o7.net | 80 | GET | /b/ss/msnportalhomepagecaen/1/H.7-pdv-2/s84495919100008?[AQB]&ndh=1&t=25%2F0%2F2011%2010%3A52%3A23%202%20480&ns=msnportal&pageName=MSN%20CanadaMSFTW&g=http%3A%2F%2Fca.msn.com%2F&r=&s=1680x1050&c=32&k=Y&bw=1680&bh=949&hp=N&ch=&server=msn.com&c1=Portal&v1=1%2F2011&c2=en-ca&v2=1%2F25%2F2011&c3=12.0&c19=Dblu%2CW1%2CQ1%2C4.0&c22=True&c29=http%3A%2F%2Fca.msn.com%2F&c4=&cc=USD&ct=lan&v=Y&j=1.3&[AQE] | 302
14 | 2011-01-25T10:52:23.832607-0800 | 192.168.3.131 | a.rad.msn.com | 80 | GET | /ADSAdClient31.dll?GetSAd=&DPJS=0&PN=MSFT&PG=CAE9UT&AP=1440 | 200
15 | 2011-01-25T10:52:44.146105-0800 | 192.168.3.131 | vancouver.en.craigslist.ca | 80 | GET | /favicon.ico | 200
16 | 2011-01-25T10:52:25.356727-0800 | 192.168.3.131 | g.msn.ca | 80 | GET | /_0nwenca0/00/00?http://ca.msn.com/&&ps=10274&pi=11654&di=210&gt1=&ce=1&cm=wrapper%3EticklerI&hl=IEAKTickler%20Prompt%20shown&su=http%3A%2F%2Fca.msn.com%2Fca.msn.com%2Fdefault.aspxW | 204
17 | 2011-01-25T10:52:26.648415-0800 | 192.168.3.131 | col.stb.s-msn.com | 80 | GET | /i/86/998863E64E6ED2A022EECB50A53CC3.jpg | (not set)
18 | 2011-01-25T10:52:26.906087-0800 | 192.168.3.131 | kelowna.en.craigslist.ca | 80 | GET | / | 200
19 | 2011-01-25T10:52:24.393150-0800 | 192.168.3.131 | img.mediaplex.com | 80 | GET | /content/0/12308/120034/1326513_300x250_new_year_v130_trend_en_c02.js?mpck=altfarm.mediaplex.com%2Fad%2Fck%2F12308-120034-30721-0%3Fmpt%3D%5B1627390274ER%5D&mpt=[1627390274ER]&mpvc= | 200
20 | 2011-01-25T10:52:49.632574-0800 | 192.168.3.131 | connect.facebook.net | 80 | GET | /en_US/all.js | 304
SMB 0
# | Timestamp | Src Ip | Dest Ip | SMB Dialect | Command | Session | Tree
No results found.
SMTP 0
# | Timestamp | Source | Destination | Email From | Email To | Subject
No results found.
Flow 636
Showing 1-20 of 636 items.
# | Timestamp | Flow Id | Event Type | Source | Source Port | Destination | Destination Port | Protocol | Host
1
2011-01-25T10:52:25.246658-08001470184954606485flow192.168.3.1315703874.217.50.1080TCPpcapanalyzer
2
2011-01-25T10:52:25.246658-0800508260455515174flow192.168.3.1315596265.55.5.23280TCPpcapanalyzer
3
2011-01-25T10:52:25.246658-0800930655456617529flow192.168.3.1315701172.14.213.13880TCPpcapanalyzer
4
2011-01-25T10:57:20.768972-08002111064942243162flow192.168.3.1315221472.14.213.102443TCPpcapanalyzer
5
2011-01-25T10:57:20.768972-0800422451320858244flow172.16.255.11070467.215.65.132445TCPpcapanalyzer
6
2011-01-25T10:57:20.768972-08001829832632976457flow192.168.3.1315611265.54.95.6880TCPpcapanalyzer
7
2011-01-25T10:57:20.768972-08001548920304845175flow192.168.3.1315643365.54.95.6880TCPpcapanalyzer
8
2011-01-25T10:57:20.768972-08001549201628745894flow192.168.3.13157145208.50.77.975480TCPpcapanalyzer
9
2011-01-25T10:57:20.768972-08001690063667469653flow192.168.3.1315641165.55.206.19980TCPpcapanalyzer
10
2011-01-25T10:57:20.768972-08001268072389540095flow72.14.213.10380192.168.3.13157883TCPpcapanalyzer
11
2011-01-25T10:57:20.768972-08001127755811737156flow192.168.3.1315641865.54.95.14080TCPpcapanalyzer
12
2011-01-25T10:57:20.768972-08001409263006265849flow192.168.3.1315717665.55.206.980TCPpcapanalyzer
13
2011-01-25T10:57:20.768972-0800565029196768856flow192.168.3.1315643865.54.95.7580TCPpcapanalyzer
14
2011-01-25T10:57:20.768972-08001972496427268765flow192.168.3.13157245204.14.234.85443TCPpcapanalyzer
15
2011-01-25T10:57:20.768972-08001972558696009078flow172.16.255.110672212.8.163.8054900TCPpcapanalyzer
16
2011-01-25T10:57:20.768972-08001832171248908212flow10.0.2.155968610.0.2.353UDPpcapanalyzer
17
2011-01-25T10:57:20.768972-0800143360041912228flow172.16.255.150983188.246.82.732291UDPpcapanalyzer
18
2011-01-25T10:57:20.768972-08001973065502882973flow172.16.255.110688213.146.189.205443TCPpcapanalyzer
19
2011-01-25T10:57:20.768972-08001550865928573227flow192.168.3.1315724266.235.136.898443TCPpcapanalyzer
20
2011-01-25T10:57:20.768972-0800143851821286704flow192.168.3.13157149208.50.77.7380TCPpcapanalyzer
File 488
Showing 1-20 of 488 items.
# | Timestamp | Source | Destination | File Name | File Magic | File Size
1 | 2011-01-25T10:52:23.428743-0800 | 65.55.17.37 | 192.168.3.131 | / | HTML document, ASCII text, with very long lines | 85419
2 | 2011-01-25T10:52:23.490168-0800 | 207.46.148.38 | 192.168.3.131 | /action/MMN_Homepage | GIF image data, version 89a, 1 x 1 | 42
3 | 2011-01-25T10:52:23.761593-0800 | 65.55.5.232 | 192.168.3.131 | /ADSAdClient31.dll | ASCII text, with CRLF line terminators | 1155
4 | 2011-01-25T10:52:23.874614-0800 | 65.55.239.163 | 192.168.3.131 | /c.gif | GIF image data, version 89a, 1 x 1 | 42
5 | 2011-01-25T10:52:23.881606-0800 | 206.108.207.139 | 192.168.3.131 | /r | GIF image data, version 89a, 1 x 1 | 43
6 | 2011-01-25T10:52:25.187810-0800 | 65.54.95.142 | 192.168.3.131 | /br/hp/11/i/en_ie8-tickler.jpg | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 976x108, frames 3 | 32764
7 | 2011-01-25T10:52:23.890590-0800 | 184.24.133.32 | 192.168.3.131 | /scripts/beacon.dll | GIF image data, version 89a, 1 x 1 | 43
8 | 2011-01-25T10:52:24.090635-0800 | 65.54.95.140 | 192.168.3.131 | /i/94/9BE085B9BAD824CEB7C33F498354B.jpg | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 178x100, frames 3 | 2798
9 | 2011-01-25T10:52:25.331714-0800 | 65.54.95.140 | 192.168.3.131 | /i/D6/8E763C825DC0E388929AE1B375CE18.JPG | JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, frames 3 | 631
10 | 2011-01-25T10:52:43.912586-0800 | 208.82.236.129 | 192.168.3.131 | / | HTML document, ASCII text, with very long lines | 29770
11 | 2011-01-25T10:52:23.832607-0800 | 65.55.5.231 | 192.168.3.131 | /ADSAdClient31.dll | ASCII text, with CRLF line terminators | 1165
12 | 2011-01-25T10:52:44.146105-0800 | 208.82.236.129 | 192.168.3.131 | /favicon.ico | MS Windows icon resource - 1 icon, 16x16 | 1150
13 | 2011-01-25T10:52:26.653429-0800 | 65.54.95.140 | 192.168.3.131 | /i/86/998863E64E6ED2A022EECB50A53CC3.jpg | JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 180x200, frames 3 | 7831
14 | 2011-01-25T10:52:26.906087-0800 | 208.82.236.129 | 192.168.3.131 | / | HTML document, ASCII text | 29475
15 | 2011-01-25T10:52:24.393150-0800 | 63.215.202.49 | 192.168.3.131 | /content/0/12308/120034/1326513_300x250_new_year_v130_trend_en_c02.js | HTML document, ASCII text, with very long lines | 3919
16 | 2011-01-25T10:52:24.648681-0800 | 65.55.5.232 | 192.168.3.131 | /ADSAdClient31.dll | HTML document, ASCII text, with very long lines | 768
17 | 2011-01-25T10:52:25.041761-0800 | 192.168.3.131 | 72.14.213.101 | /tbproxy/af/query | XML 1.0 document, ASCII text, with no line terminators | 279
18 | 2011-01-25T10:52:25.094681-0800 | 65.55.17.37 | 192.168.3.131 | /ajax/Horoscope.aspx | HTML document, ASCII text, with very long lines, with no line terminators | 659
19 | 2011-01-25T10:52:25.127922-0800 | 65.55.17.37 | 192.168.3.131 | /ajax/I.aspx | XML 1.0 document, ASCII text, with very long lines, with no line terminators | 1020
20 | 2011-01-25T10:52:49.690831-0800 | 65.54.95.140 | 192.168.3.131 | /br/csl/css/7766ab4aded23464b589344c12527feb/pollservice.css | ASCII text, with very long lines, with no line terminators | 3232

Comments: (not set)
